Wednesday, June 1, 2022

Recent Questions - Server Fault


Run a Powershell script once on all computers as admin via GPO without changing execution policy

Posted: 01 Jun 2022 11:42 AM PDT

I have a Powershell script that I need to run on all computers on my Active Directory domain once. A large number of computers are off at any given time, so a GPO would allow us to ensure that it applies to all affected machines. However, the script needs to run as administrator because of the registry values being modified. Also, per our security department, we cannot change the ExecutionPolicy on these devices.

Is there any way to get this script to run?

    # Map HKEY_CLASSES_ROOT as a PowerShell drive so the key can be tested and removed
    New-PSDrive -PSProvider registry -Root HKEY_CLASSES_ROOT -Name HKCR
    $regKey = 'ms-msdt'
    $saveFolder = 'C:\Temp\'
    $savePath = $saveFolder + 'CVE-2022-30190.reg'
    $PSRegPath = 'HKCR:\' + $regKey
    $CMDRegPath = 'HKCR\' + $regKey
    if (Test-Path $PSRegPath)
    {
        if (!(Test-Path $saveFolder))
        {
            # Create the backup folder if it does not exist yet
            New-Item -Path $saveFolder -ItemType Directory
        }
        # Export the key to a .reg file before deleting it
        Invoke-Command {reg export $CMDRegPath $savePath -Y}
        Remove-Item -Path $PSRegPath -Recurse -Force
    }

This script backs up a registry entry before deleting it, as recommended by the Microsoft mitigation work-around to CVE-2022-30190

Connectivity issue between me and Google Cloud infrastructure

Posted: 01 Jun 2022 11:17 AM PDT

This morning I found myself disconnected from a huge part of the internet. I discovered that I can't reach any website in some Google Cloud subnets.

    traceroute -w 3 -q 1 -m 16 app.alpaca.markets
    traceroute to live.alpaca.markets (35.221.23.121), 16 hops max, 52 byte packets
     1  192.168.88.1 (192.168.88.1)  1.360 ms
     2  astound-***.ca.astound.net (***)  3.000 ms
     3  174.127.183.114 (174.127.183.114)  2.614 ms
     4  192.175.29.226 (192.175.29.226)  3.526 ms
     5  be13.cr2-55smarket.bb.as11404.net (192.175.30.220)  4.972 ms
     6  be1.cr3-55smarket.bb.as11404.net (192.175.30.71)  5.057 ms
     7  be12.cr4-11greatoaks.bb.as11404.net (192.175.30.222)  5.534 ms
     8  209.85.168.110 (209.85.168.110)  5.941 ms       <<<<  AS15169 Google LLC
     9  *
    10  *

The same host is reachable from Digital Ocean:

    traceroute to app.alpaca.markets (35.221.23.121), 16 hops max, 60 byte packets
     1  *
     2  173.199.97.65 (173.199.97.65)  8.721 ms
     3  *
     4  *
     5  ipv4.de-cix.dfw.us.as15169.google.com (206.53.202.11)  0.606 ms
     6  ipv4.de-cix.dfw.us.as15169.google.com (206.53.202.11)  0.665 ms
     7  121.23.221.35.bc.googleusercontent.com (35.221.23.121)  33.248 ms

Some affected IPs:

    35.199.54.180
    35.199.54.185
    35.199.54.181
    35.221.23.120
    35.221.23.121
    35.221.23.122

My internet provider refuses to provide any help. And it looks like traffic gets stuck on Google's side.

What can I do?

Unable to start critical Windows Services in Docker Windows Container

Posted: 01 Jun 2022 11:10 AM PDT

We are trying to modernize a legacy 3rd party application by setting up a Docker Windows Container. We are using the Windows image mcr.microsoft.com/windows/server:ltsc2022 for our container. This application needs some services to be running; however, the Windows container itself restricts the services from turning on. Some of the services we require are: 'Base Filtering Engine (BFE)', 'Network Location Awareness (NlaSvc)', 'Network List Service (netprofm)', 'Server (LanmanServer)', etc. There is also an unresolved closed GitHub issue describing a similar problem: https://github.com/microsoft/Windows-Containers/issues/173 Any advice or solution is welcome.

Thank You, Maharshi Suthar

Free DMARC XML analyzer

Posted: 01 Jun 2022 11:09 AM PDT

Looking for a solution to analyze DMARC XML reports for a small business.

Currently have a bunch of domain names configured with the same DMARC report email address. This report email account receives on average about 2,3 DMARC emails on a daily basis from distinct domains.

All the free DMARC XML analyzer solutions I've seen online seem to only support 1 or 2 domains. I wonder if anyone knows of a free or cheap solution that does not take the domain count into consideration but rather the volume of XML reports it processes on a daily or monthly basis?

In my case there are so few reports a day that I really don't want to solve the problem by acquiring a "premium" account where I need to pay hundreds of dollars a month...

Windows docker container cannot reach another host on the same private network

Posted: 01 Jun 2022 11:07 AM PDT

I'm running a Docker container on Windows:

    docker run -d -p 2001:8080 -v F:\Scan:/app/data/output -e SANED_NET_HOSTS="192.168.1.200" --restart unless-stopped --name scanservjs --privileged sbs20/scanservjs:latest

This basically helps converting my Scanner into a Wifi Scanner.

I confirm 192.168.1.200 is definitely accessible (a raspberry pi on the same private network), and from the Host (Windows), I can ping 192.168.1.200 and telnet 192.168.1.200 6566 without any issues.

This was definitely working before, but for some reason (maybe due to Windows updates or so), my container no longer seems to be able to reach 192.168.1.200 at all. If I install ping on the container, ping 192.168.1.200 just hangs forever.

I've tried a number of things, such as trying some network settings (converting to docker-compose.yml and add some network settings, etc), but couldn't get anything to work so far. I tried --net=host, but then I don't seem to be able to access localhost:2001 or localhost:8080, so I was unable to do much.

I tried to temp disable Windows Firewall, but doesn't seem to resolve either.

    Windows host -> raspberry pi [good]
    Docker container (in Windows host) -> raspberry pi [fail]

What could be the problem that prevents the Docker container from reaching 192.168.1.200, while the Windows host can without any problems?

Chrony Configuration to Accept Radio Time Signals

Posted: 01 Jun 2022 09:39 AM PDT

Is there a way to have Chrony accept an externally generated clock pulse ?

For example, I want to use the Canadian radio time source CHU to provide ticks on the second. Assume that I have the required hardware to receive the signal and have a fast C program to isolate the signal I want (1 KHz tone pulse demarcating seconds).

I only need the clock to be synchronized to the second, not the exact time.

Does Chrony have a mechanism to accept a one second periodic correction pulse ?

Using SSH tunneling to only allow access to certain mobile device

Posted: 01 Jun 2022 08:32 AM PDT

I need a way for our app that sends data from a phone to a server and to a database to only allow certain mobile devices to accept data from. I searched IP filtering, but the IP addresses of phones change all the time, and MAC address filtering isn't as secure. People recommended SSH tunneling, but I can only find scenarios for desktop and not for mobile.

IPtables redirect IP from VPN

Posted: 01 Jun 2022 08:08 AM PDT

I am trying to set up a VPN with iptables redirect. VPN client is a hardware with predefined destination IP to 192.168.0.100. However the real destination IP now is 192.168.30.100 and I cannot change the settings of the hardware. Therefore I am advertising to VPN clients that the server can route 192.168.100.0/24. But at the Ubuntu which hosts the openvpn server I want to redirect those requests to 192.168.0.100 to 192.168.30.100.

I have tried these

    iptables -t nat -A PREROUTING -d 192.168.0.100 -j DNAT --to-destination 192.168.30.100
    iptables -t nat -A POSTROUTING -j MASQUERADE

However these settings don't work. Any suggestions?

Openvpn allow access to clients from private network

Posted: 01 Jun 2022 08:53 AM PDT

I do have a setup with pfSense. I have configured 2 LAN subnets:

    192.168.50.0/24 is a DMZ
    192.168.100.0/24 is a Management

Then in the DMZ I do have an OpenVPN server. Multiple clients are connecting to that server. I would like to be able to connect to their interfaces from 192.168.100.0/24. I was able to route ping to the VPN server (seen it on tcp dump) by specifying the VPN server as gateway for 10.20.0.0/24 on pfSense.

However the ping never reached tun interface (tcp dump only saw it on eth interface and not as outgoing on tun).

I do believe that I must do something with iptables on the OpenVPN server. Any suggestions on how to achieve this without switching to site-to-site VPN? I know that I can connect as a VPN client and allow client-to-client, but this is not the preferred way.

According to this https://openvpn.net/vpn-server-resources/reach-openvpn-clients-directly-from-a-private-network/ it should be possible in OpenVPN Access Server, but how to do this in a standard OpenVPN server?

Thank you in advance

Selecting vCPU hardware family while creating VMs on AWS or Azure or Google compute

Posted: 01 Jun 2022 08:31 AM PDT

Do the AWS or Azure or Google compute allow user to select vCPU architecture/Family while creating a VM? Is that possible if I have to specifically create a VM with Xeon family processor and another VM with core i7? on the same cloud platform?

How to Disable WebDAV Redirector server feature

Posted: 01 Jun 2022 08:26 AM PDT

I have Windows Server 2019 with SharePoint 2019 installed on it. To enable the Open with Explorer view on the server, I enabled the WebDAV Redirector feature. Now I want to disable this feature. What are the recommended steps to disable this server feature?

Purpose of IPv4 mapped IPv6 address

Posted: 01 Jun 2022 09:19 AM PDT

I am still confused about the purpose of IPv4 mapped IPv6 addresses and would like some enlightenment.

I have a server client pair of machines and I intend to connect them via Openvpn. The server has an IPv6 address, while the client an IPv4 only address. When I ping the client's IPv4 mapped IPv6 address, there is a response. However, when I configured the client to connect to the server's IPv6 address, I was unable to connect. I have included the client's IPv4 mapped IPv6 address into the Openvpn client configuration file -- local

Let's switch the pair. Now, the server has an IPv4 address (with a IPv4 mapped IPv6 address) and the client as an IPv6 address. I am also unable to establish an Openvpn connection by connecting to the server's IPv4 mapped IPv6 address.

In this case, What good is here when it comes to Openvpn connections while IPv4 mapped IPv6 address?

TLDR: For instance, I have an IPv4 only machine with IP 126.10.13.2 and it has an IPv4 mapped IPv6 address of ::ffff:7e0a:d02. I have another IPv6 machine with IP 2a04::dead:beef:5802:A. How am I able to connect both of them via Openvpn? I cannot seem to connect the IPv6 address of both machines together.

I am unable to edit email message body in evolution following update

Posted: 01 Jun 2022 10:25 AM PDT

I updated my system and now when I open an email to send, I can add header information but not the body of the message. Same with trying to reply to an email. No cursor will parse to the body of the message. It's read only.

How do I re-enable my message body in evolution?

DISTRIB_DESCRIPTION="Ubuntu 21.10"  

evolution version

3.40.4-1ubuntu2  

PXE boot failing on RHEL install; PXE-E79

Posted: 01 Jun 2022 10:59 AM PDT

i'm trying to install RHEL 9.0 on a gigabyte motherboard, Product Name: H170M-D3H-CF. My dhcp setup has worked in the past, so I don't think the dhcp is the issue. I know that something is going between the dhcp server (also the kickstart server) because I did have a typo in the dhcpd.conf file and have fixed it. The error changes to the following:

PXE-E79 NBP is too big to fit in free base memory

Elsewhere I read that the problem is the client is trying to use BIOS boot when it should be doing UEFI boot. (ahh, the machine previously had a UEFI disk, and that's what I want to use going forward. Thus, "BIOS" is to be avoided.) The suggestion is to turn off "legacy" boot. I can't find a way to do that in my motherboard's, ahem!, BIOS. (should it be called BIOS or something else?)

I've used this kickstart server for a long time; I believe the tftp, dhcp, http parts are all okay. I've installed RH 8.5 on at least two machines with this.

UPDATE: looks like i don't have enough debug information to chase this problem down. the motherboard is (i guess) set up to use UEFI only, but that's not happening, and there's no indication of why. so my next idea is to resort to the old pxeboot. while (1) sigh(); oh, well.

Rsyslog - "Warning: CA certificate is not set" but TLS forwarding still works

Posted: 01 Jun 2022 10:43 AM PDT

I am configuring rsyslog to forward over TCP/TLS. I was curious why, unlike HTTPS, I had to add the certificate to my client, so I went against the README and commented out the cert config, leaving me with this:

    # global(DefaultNetstreamDriverCAFile="/etc/ssl/cert.pem")

    ruleset(name="fluentd") {
            action(
                    type="omfwd"
                    target="<my domain>"
                    port="24224"
                    protocol="tcp"
                    StreamDriver="gtls"
                    StreamDriverMode="1"
                    StreamDriverAuthMode="anon"
    )
    }

Now, I get a Warning: CA certificate is not set [v8.2001.0 try https://www.rsyslog.com/e/2329 ] in the rsyslog logs, however the log messages are still successfully forwarded to my fluentd instance, which is using TLS.

Why is this? Is the cert even necessary?

K8S limit number of starting pods at the same time

Posted: 01 Jun 2022 08:09 AM PDT

I have a problem with K8S. I have about 30 microservices (Java running on Spring Boot). The microservices need a lot of CPU only for startup because there are a lot of libraries. When I deploy all microservices at the same time, it creates a really big CPU load on the K8S nodes and they are marked as unavailable. I need to somehow limit the number of simultaneously starting pods to avoid high CPU load on the nodes. Is there any way to do this?

How to automatically save and force update of a dynamic DNS on pfSense?

Posted: 01 Jun 2022 10:17 AM PDT

Every time the IP address of my pfSense changes I need to manually log in to the panel, go to Services > Dynamic DNS > Actions [Edit] > ♻ Save & Force Update

Please, how do I do this using Cron? I already installed the package 'Cron' and did the following (based on another question here on Server Fault; it didn't work):

    1 1 * * * root /usr/bin/nice -n20 /etc/rc.force.dyndns.update

Code in rc.force.dyndns.update is:

    #!/bin/sh
    rm /cf/conf/dyndns_wancustom\'\'0.cache
    /etc/rc.dyndns.update

It did not work. The problem keeps happening.

How to disable client-initiated renegotiation in Postfix?

Posted: 01 Jun 2022 11:44 AM PDT

How to disable client-initiated renegotiation in Postfix?

Exchange 2019 Antimalware engine updates download but don't get applied

Posted: 01 Jun 2022 10:28 AM PDT

I've been diagnosing for the past day or so some issues with an Exchange 2019 server related to Antimalware filtering/scanning. This was disabled on our server, I enabled it, and restarted the transport service per the Microsoft docs:

In Event Viewer, however, we're getting some logs that indicate this isn't working:

    Event 6031, FIPFS: MS Filtering Engine Update process has successfully downloaded updates for Microsoft.

    Event 6034, FIPFS: MS Filtering Engine Update process is testing the Microsoft scan engine update

    Event 6035, FIPFS: MS Filtering Engine Update process was unsuccessful in testing an engine update.
    Engine: Microsoft

It looks like it fails for some reason and logs "MS Filtering Engine Update process was unsuccessful in testing an engine update."

Then the process repeats and we can see it trying again:

    Event 7003, FIPFS: MS Filtering Engine Update process has successfully scheduled all update jobs.

    Event 6024, FIPFS: MS Filtering Engine Update process is checking for new engine updates.
    Scan Engine: Microsoft
    Update Path: http://amupdatedl.microsoft.com/server/amupdate

    Event 6030, FIPFS: MS Filtering Engine Update process is attempting to download a scan engine update.
    Scan Engine: Microsoft
    Update Path: http://amupdatedl.microsoft.com/server/amupdate.

    Event 6031, FIPFS: MS Filtering Engine Update process has successfully downloaded updates for Microsoft.

    Event 6034, FIPFS: MS Filtering Engine Update process is testing the Microsoft scan engine update

    Event 6035, FIPFS: MS Filtering Engine Update process was unsuccessful in testing an engine update.
    Engine: Microsoft

The configuration settings look fine and we've allowed both amupdatedl.microsoft.com and forefrontdl.microsoft.com through the firewall. (It appears that's working because it says downloaded successfully in the Event Viewer logs.) Configuration Settings / Status

Any ideas / help would be much appreciated! Thank you!

Edit: One other note, it does seem to be trying to download and use some of the scan engine updates as evidenced by this staging folder here with recent timestamps. Scan engine temp file downloads

I also found some other resources that suggested a permissions issue, but I checked and Network Service has full permissions to E:\Program Files\Microsoft\Exchange Server\V15\FIP-FS\Data

Things I've looked at:

pam_sss(crond:session): Request to sssd failed. Public socket has wrong ownership or permissions

Posted: 01 Jun 2022 09:14 AM PDT

We have Active Directory authentication with SSSD on CentOS 7.5.

Starting from today users are unable to log in. When they try, they get:

/usr/bin/id: cannot find name for group ID xxxxxxxxxx

I looked into /var/log/secure:

pam_sss(crond:session): Request to sssd failed. Public socket has wrong ownership or permissions.

Here's sssd.conf:

    domains = xxxxxxxxx
    config_file_version = 2
    services = nss, pam

    [domain/xxxxxxxx]
    ad_domain = xxxxxxxx
    krb5_realm = XXXXXXXXXX
    realmd_tags = manages-system joined-with-samba
    cache_credentials = True
    id_provider = ad
    krb5_store_password_if_offline = True
    default_shell = /bin/bash
    ldap_id_mapping = True
    #use_fully_qualified_names = True
    use_fully_qualified_names = False
    #fallback_homedir = /home/%u@%d
    fallback_homedir = /home/%u
    access_provider = ad

On another machine, with exactly the same configuration, everything works.

No changes at all, lately.

Thanks for your help.

503 Service Unavailable with ambassador QOTM service

Posted: 01 Jun 2022 10:06 AM PDT

I have a Kubernetes master/node setup on CentOS. After setting up Ambassador as an API gateway, I tried a sample route with the QOTM service. When I send an HTTP request to the route, I receive 503 Service Unavailable in the response with the body "no healthy upstream". But when I ran the same QOTM service as a standalone Docker container, it worked for the route. Is there anything specific to take care of in Kubernetes to set up Ambassador?

    kubectl exec ambassador-589c864695-cg556 -- curl -v 10.101.64.22/qotm/*
    > no healthy upstream*   Trying 10.101.64.22...
    > * TCP_NODELAY set
    >  % Total    % Received % Xferd  Average Speed   Time    Time     Time  Current
    >                                 Dload  Upload   Total   Spent    Left  Speed
    >  0     0    0     0    0     0      0      0 --:--:-- --:--:-- --:--:--     0* > Connected to 10.101.64.22 (10.101.64.22) port 80 (#0)
    > GET /qotm/* HTTP/1.1
    > Host: 10.101.64.22
    > User-Agent: curl/7.63.0
    > Accept: */*
    >
    < HTTP/1.1 503 Service Unavailable
    < content-length: 19
    < content-type: text/plain
    < date: Fri, 22 Mar 2019 03:54:16 GMT
    < server: envoy
    <
    { [19 bytes data]
    100    19  100    19    0     0  19000      0 --:--:-- --:--:-- --:--:-- 19000
    * Connection #0 to host 10.101.64.22 left intact

Can't use UPN credentials with New-MoveRequest?

Posted: 01 Jun 2022 12:02 PM PDT

We're on a hybrid setup (Exchange 2013 on-prem), and MRSproxy is enabled and working. We want to archive a user's mailbox when they leave the company. So we want to migrate those mailboxes from Office 365 back to our on-premise server. I've been trying to create a leaving script, and the New-MoveRequest cmdlet keeps on giving the following error:

    The Mailbox Replication Service was unable to connect to the remote server using the credentials provided. Please check the credentials and try again. The call to 'https://webmail.blah.com/EWS/mrsproxy.svc' failed.
    Error details: The HTTP request is unauthorized with client authentication scheme 'Negotiate'. The authentication header received from the server was 'Negotiate,NTLM'. --> The remote server returned an error: (401) Unauthorized.. --> The HTTP request is unauthorized with client authentication scheme 'Negotiate'. The authentication header received from the server was 'Negotiate,NTLM'. --> The remote server returned an error: (401) Unauthorized.
        + CategoryInfo          : NotSpecified: (:) [New-MoveRequest], RemotePermanentException
        +9,Microsoft.Exchange.Management.Migration.MailboxReplication.MoveRequest.NewMoveRequest
        + PSComputerName        : outlook.office365.com

So I tested with Test-MigrationServerAvailability -ExchangeRemoteMove -RemoteServer webmail.blah.com -Credentials $UserName<#> with the 3 following type of PSCredentials:

    UserName1 : <domain>\<SamAccountName>
    UserName2 : <SamAccountName>
    UserName3 : <SamAccountName>@<domain> (UPN)

With UserName1 and UserName2 I get

    RunspaceId         : 3966b356-0f49-46c3-9373-e914827fc6ed
    Result             : Success
    Message            :
    ConnectionSettings : <ExchangeConnectionSettings HasAdminPrivilege="True" HasAutodiscovery="False" HasMrsProxy="True" AutodiscoverUrl="" IncomingEmailAddress="" IncomingRPCProxyServer="webmail.blah.ccom" IncomingExchangeServer="webmail.blah.com" IncomingNSPIServer="" IncomingDomain="" IncomingUserName="UserName<#>" EncryptedIncomingPassword="something" IncomingAuthentication="Basic" ServerVersion="" TargetDomainName="" SourceMailboxLegDn="" PublicFolderDatabaseServerLegacyDN="" IsPublicFolderMailboxesMigrationSource="False" />
    SupportsCutover    : False
    ErrorDetail        :
    IsValid            : True
    Identity           :
    ObjectState        : New

but with UserName3 I get :

    RunspaceId         : 3966b356-0f49-46c3-9373-e914827fc6ed
    Result             : Failed
    Message            : The connection to the server 'webmail.blah.com' could not be completed.
    ConnectionSettings :
    SupportsCutover    : False
    ErrorDetail        : Microsoft.Exchange.Migration.MigrationServerConnectionFailedException: The connection to the server 'webmail.blah.com' could not be completed.
        ---> Microsoft.Exchange.MailboxReplicationService.RemotePermanentException: The Mailbox Replication Service was unable to connect to the remote server using the credentials provided. Please check the credentials and try again. The call to 'https://webmail.blah.com/EWS/mrsproxy.svc' failed. Error details: The HTTP request is unauthorized with client authentication scheme 'Negotiate'. The authentication header received from the server was 'Negotiate,NTLM'. --> The remote server returned an error: (401) Unauthorized.. --> The HTTP request is unauthorized with client authentication scheme 'Negotiate'. The authentication header received from the server was 'Negotiate,NTLM'. --> The remote server returned an error: (401) Unauthorized.
        ---> Microsoft.Exchange.MailboxReplicationService.RemotePermanentException: The call to 'https://webmail.blah.com/EWS/mrsproxy.svc' failed. Error details: The HTTP request is unauthorized with client authentication scheme 'Negotiate'. The authentication header received from the server was 'Negotiate,NTLM'. --> The remote server returned an error: (401) Unauthorized..
        ---> Microsoft.Exchange.MailboxReplicationService.RemotePermanentException: The HTTP request is unauthorized with client authentication scheme 'Negotiate'. The authentication header received from the server was 'Negotiate,NTLM'.
        ---> Microsoft.Exchange.MailboxReplicationService.RemotePermanentException: The remote server returned an error: (401) Unauthorized.
           --- End of inner exception stack trace ---
           --- End of inner exception stack trace ---
           --- End of inner exception stack trace ---
           at Microsoft.Exchange.MailboxReplicationService.MailboxReplicationServiceFault.<>c__DisplayClass97_0.<ReconstructAndThrow>b__0()
           at Microsoft.Exchange.MailboxReplicationService.ExecutionContext.Execute(Action operation)
           at Microsoft.Exchange.MailboxReplicationService.MailboxReplicationServiceFault.ReconstructAndThrow(String serverName, VersionInformation serverVersion)
           at Microsoft.Exchange.MailboxReplicationService.WcfClientWithFaultHandling`2.<>c__DisplayClass7_0.<CallService>b__0()
           at Microsoft.Exchange.Net.WcfClientBase`1.CallService(Action serviceCall, String context)
           at Microsoft.Exchange.MailboxReplicationService.WcfClientWithFaultHandling`2.CallService(Action serviceCall, String context)
           at Microsoft.Exchange.Migration.MigrationExchangeProxyRpcClient.CanConnectToMrsProxy(Fqdn serverName, Guid mbxGuid, NetworkCredential credentials, LocalizedException& error)
           --- End of inner exception stack trace ---
           at Microsoft.Exchange.Migration.DataAccessLayer.ExchangeRemoteMoveEndpoint.VerifyConnectivity()
           at Microsoft.Exchange.Management.Migration.MigrationService.Endpoint.TestMigrationServerAvailability.InternalProcessEndpoint(Boolean fromAutoDiscover)
    IsValid            : True
    Identity           :
    ObjectState        : New

Looking at the TechNet article for both New-MoveRequest and Test-MigrationServer the Credentials/RemoteCredential parameter should accept UPN usernames.

Is this a limit with Exchange 2013? I can Remote-PSSession to the on-premise Exchange server with the UPN username, and import the cmdlet, so I'm at a loss as to why it doesn't work with New-MoveRequest and Test-MigrationServer loaded from Office 365.

How to display more Task Scheduler logs?

Posted: 01 Jun 2022 08:14 AM PDT

Under a Windows Server 2012 R2, I see less than 2 days of Task Scheduler logs ! To be honest that's already 17'295 entries, maybe is it the maximum capacity ?

Therefore my question : is the problem due to display options, or is the server keeping so little logs ? In the second case, how to extend logging capacities ?

To view the logs I go to Event viewer > Apps and services > Microsoft > Windows > Task Scheduler > Operational

Any help would be appreciated.

P. S. I found an older discussion which doesn't seem to apply for Windows Server 2012 R2 : Extending the Windows Task Scheduler log file

zywall usg 100 log website visits

Posted: 01 Jun 2022 11:04 AM PDT

Can I log all browsing history with a Zyxel ZyWALL USG 100 router (with no paid licenses)? I would like to see a complete list of websites visited; a bit like the "traffic statistics" page (interface "lan1", sort by "Web site hits"), but a complete history with timestamps instead of the top 20 max hits.

  • I have usb-storage added to the router
  • activated usb-storage in log-settings
  • enabled logging of "forward web sites" (but I don't get any results in that type of log)

mdadm: drive replacement shows up as spare and refuses to sync

Posted: 01 Jun 2022 11:35 AM PDT

Prelude

I had the following devices in my /dev/md0 RAID 6: /dev/sd[abcdef]

The following drives were also present, unrelated to the RAID: /dev/sd[gh]

The following drives were part of a card reader that was connected, again, unrelated: /dev/sd[ijkl]

Analysis

sdf's SATA cable went bad (you could say it was unplugged while in use), and sdf was subsequently rejected from the /dev/md0 array. I replaced the cable and the drive was back, now at /dev/sdm. Please do not challenge my diagnosis, there is no problem with the drive.

mdadm --detail /dev/md0 showed sdf(F), i.e., that sdf was faulty. So I used mdadm --manage /dev/md0 --remove faulty to remove the faulty drives.

Now mdadm --detail /dev/md0 showed "removed" in the space where sdf used to be.

    root@galaxy:~# mdadm --detail /dev/md0
    /dev/md0:
            Version : 1.2
      Creation Time : Wed Jul 30 13:17:25 2014
         Raid Level : raid6
         Array Size : 15627548672 (14903.59 GiB 16002.61 GB)
      Used Dev Size : 3906887168 (3725.90 GiB 4000.65 GB)
       Raid Devices : 6
      Total Devices : 5
        Persistence : Superblock is persistent

      Intent Bitmap : Internal

        Update Time : Tue Mar 17 21:16:14 2015
              State : active, degraded
     Active Devices : 5
    Working Devices : 5
     Failed Devices : 0
      Spare Devices : 0

             Layout : left-symmetric
         Chunk Size : 512K

               Name : eclipse:0
               UUID : cc7dac66:f6ac1117:ca755769:0e59d5c5
             Events : 67205

        Number   Major   Minor   RaidDevice State
           0       8        0        0      active sync   /dev/sda
           1       8       32        1      active sync   /dev/sdc
           4       0        0        4      removed
           3       8       48        3      active sync   /dev/sdd
           4       8       64        4      active sync   /dev/sde
           5       8       16        5      active sync   /dev/sdb

For some reason the RaidDevice of the "removed" device now matches one that is active. Anyway, let's try add the previous device (now known as /dev/sdm) because that was the original intent:

    root@galaxy:~# mdadm --add /dev/md0 /dev/sdm
    mdadm: added /dev/sdm
    root@galaxy:~# mdadm --detail /dev/md0
    /dev/md0:
            Version : 1.2
      Creation Time : Wed Jul 30 13:17:25 2014
         Raid Level : raid6
         Array Size : 15627548672 (14903.59 GiB 16002.61 GB)
      Used Dev Size : 3906887168 (3725.90 GiB 4000.65 GB)
       Raid Devices : 6
      Total Devices : 6
        Persistence : Superblock is persistent

      Intent Bitmap : Internal

        Update Time : Tue Mar 17 21:19:30 2015
              State : active, degraded
     Active Devices : 5
    Working Devices : 6
     Failed Devices : 0
      Spare Devices : 1

             Layout : left-symmetric
         Chunk Size : 512K

               Name : eclipse:0
               UUID : cc7dac66:f6ac1117:ca755769:0e59d5c5
             Events : 67623

        Number   Major   Minor   RaidDevice State
           0       8        0        0      active sync   /dev/sda
           1       8       32        1      active sync   /dev/sdc
           4       0        0        4      removed
           3       8       48        3      active sync   /dev/sdd
           4       8       64        4      active sync   /dev/sde
           5       8       16        5      active sync   /dev/sdb

           6       8      192        -      spare   /dev/sdm

As you can see, the device shows up as a spare and refuses to sync with the rest of the array:

    root@galaxy:~# cat /proc/mdstat
    Personalities : [raid6] [raid5] [raid4]
    md0 : active raid6 sdm[6](S) sdb[5] sda[0] sde[4] sdd[3] sdc[1]
          15627548672 blocks super 1.2 level 6, 512k chunk, algorithm 2 [6/5] [UU_UUU]
          bitmap: 17/30 pages [68KB], 65536KB chunk

    unused devices:

I have also tried using mdadm --zero-superblock /dev/sdm before adding, with the same result.

The reason I am using RAID 6 is to provide high availability. I will not accept stopping /dev/md0 and re-assembling it with --assume-clean or similar as workarounds to resolve this. This needs to be resolved online, otherwise I don't see the point of using mdadm.

openSUSE 13.1 pam_ldap error trying to bind invalid credentials

Posted: 01 Jun 2022 09:02 AM PDT

Environment: new install of openSUSE 13.1 into a internal network of mostly 10.2 and 10.3 openSUSE. LDAP server (@(#) $OpenLDAP: slapd 2.3.19 (Jul 28 2006 17:00:02)) running on SUSE LE 10 .

Attempting to configure new 13.1 ldap client host ("main") using nss_ldap and pam_ldap (i.e., not using the SSSD). All older clients working fine w/ LDAP server.

I get the following error when I ssh to the new host "main" (some info obscured) from the older host "test":

    Sep 19 11:17:43 main sshd[10460]: Invalid user XXX from 10.3.0.72
    Sep 19 11:17:43 main sshd[10460]: input_userauth_request: invalid user XXX [preauth]
    Sep 19 11:17:43 main sshd[10460]: Postponed keyboard-interactive for invalid user XXX from 10.3.0.72 port 57170 ssh2 [preauth]
    Sep 19 11:17:47 main sshd[10462]: pam_ldap: error trying to bind as user "uid=XXX,ou=people,dc=XXX,dc=YYYY,dc=org" (Invalid credentials)
    Sep 19 11:17:47 main sshd[10460]: error: PAM: Authentication failure for illegal user XXX from test.blah.org

  1. getent passwd XXX -- returns nothing
  2. getent group GGG -- returns the ldap group info for known group GGG
  3. main:/etc # ldapsearch -x -L -u -t "(uid=XXX)" -- returns the LDAP info on user XXX

My /etc/pam.d/common-password is:

    password        requisite       pam_pwcheck.so  nullok cracklib remember=
    password        sufficient      pam_unix2.so    use_authtok nullok
    password        required        pam_ldap.so     try_first_pass use_authtok

My /etc/pam.d/common-auth is:

    auth    required        pam_env.so
    auth    sufficient      pam_unix2.so
    auth    required        pam_ldap.so     use_first_pass

What am I missing/forgetting?

Disable Outlook Web Access Junk filtering in Exchange 2013

Posted: 01 Jun 2022 11:04 AM PDT

By default, Outlook Web Access (OWA) in Exchange 2013 seems to move suspected junk mail to the Junk Email folder. This is undesirable behavior in most of my environments because we have Barracuda Spam Filters in place.

I'd like to accomplish the following setting globally for all existing and future users in an Exchange 2013 environment. What's the least-painful method to accomplish this?

I thought the Exchange shell would be magic, but running

    Get-Mailbox | Set-MailboxJunkEmailConfiguration -Enabled $false

yields...

    The Junk Email configuration couldn't be set. The user needs to sign in to Outlook Web App before they can modify their Safe Senders and Recipients or Blocked Senders lists.
        + CategoryInfo          : NotSpecified: (:) [Set-MailboxJunkEmailConfiguration], DataSourceOperationException
        + FullyQualifiedErrorId : [Server=BANANA,RequestId=479f4808-2eda-4175-8503-7b670e46c277,TimeStamp=8/4/2014 4:33:33 PM] [FailureCategory=Cmdlet-DataSourceOperationException] 44FC7257,Microsoft.Exchange.Management.StoreTasks.SetMailboxJunkEmailConfiguration
        + PSComputerName        : banana

mysql binlog error "ERROR: Error in Log_event::read_log_event(): 'Found invalid event in binary log', data_len: 341, event_type: 2 **"

Posted: 01 Jun 2022 12:02 PM PDT

I am new to MySQL binary logs and replication. Please help me sort out this issue.

I am using MySQL version 5.0.95 and am now facing errors in the binlogs. Some of the queries in the binary log appear as unknown events, and we also get an error when we try to force-read the binary log using the mysqlbinlog utility.

mysqlbinlog techgv3_mysql-bin.000001  > /dev/null  

Command output

    ERROR: Error in Log_event::read_log_event(): 'Found invalid event in binary log', data_len: 341, event_type: 2
    Could not read entry at offset 126:Error in log format or read error

I have tested the mysqlbinlog utility with different versions, but no luck. Same error. A lot of unknown events.

OS version: CentOS release 6.4 (Final) 64 bit

Command output

    mysqlbinlog -f techgv3_mysql-bin.000001
    #131212 17:21:42 server id 100  end_log_pos 112256   # Unknown event
    # at 112256
    #131212 17:21:42 server id 100  end_log_pos 112284         Intvar
    SET INSERT_ID=13826501/*!*/;
    # at 112284
    #131212 17:21:42 server id 100  end_log_pos 112636   # Unknown event
    # at 112636
    #131212 17:21:42 server id 100  end_log_pos 112664         Intvar
    SET INSERT_ID=13826502/*!*/;
    # at 112664
    #131212 17:21:42 server id 100  end_log_pos 113873   # Unknown event
    # at 113873
    #131212 17:21:43 server id 100  end_log_pos 113901         Intvar
    SET INSERT_ID=13826503/*!*/;
    # at 113901
    #131212 17:21:43 server id 100  end_log_pos 114256   # Unknown event
    # at 114256
    #131212 17:21:43 server id 100  end_log_pos 114443   # Unknown event
    # at 114443
    #131212 17:21:43 server id 100  end_log_pos 114471         Intvar
    SET INSERT_ID=13826504/*!*/;
    # at 114471
    #131212 17:21:43 server id 100  end_log_pos 114818   # Unknown event
    # at 114818
    #131212 17:21:43 server id 100  end_log_pos 114846         Intvar
    SET INSERT_ID=13826505/*!*/;
    # at 114846
    #131212 17:21:43 server id 100  end_log_pos 115404   # Unknown event
    # at 115404

I also set up the same MySQL version 5.0.95 on my local system and executed all the MySQL queries from the server's general log. I can't find any error in the binary log.

Any idea how to sort out this issue?

Web page hangs on reload/refresh

Posted: 01 Jun 2022 10:06 AM PDT

I'm experiencing a strange problem with my website. If I navigate through links inside the website everything is fine, and pages load fast. If I hit the refresh button on the browser on any page, the page load is slow and it hangs (not at the same moment every refresh), and it keeps loading forever. Despite the spinning reload icon on address bar, firebug does not show any hung connection.

I tried FF/Chrome on MacOSX/Win/Linux and I get the same behaviour, so I suppose it is something related to my web server.

Is it possible I made some mistakes on tuning apache settings (such as KeepAlive / MaxClients)? I currently use Apache2 with prefork module, on a dedicated 8 core i7 server with 16GB RAM.

Prefork settings:

    <IfModule mpm_prefork_module>
        ServerLimit          500
        StartServers         40
        MinSpareServers      40
        MaxSpareServers     100
        MaxClients          400
        MaxRequestsPerChild  4000
    </IfModule>

Other/KeepAlive settings:

    Timeout 300
    KeepAlive On
    MaxKeepAliveRequests 500
    KeepAliveTimeout 4

Is it possible that the problem is completely unrelated to these settings? If so, can you point me to the right place to look, or tell me how to perform further tests to understand how to solve it?

How to create monit monitor to alert when a line of text is NOT seen in a log file over a period of time

Posted: 01 Jun 2022 09:02 AM PDT

I can see how to alert when a regex appears in a log file. I can see how to alert when a regex does not appear on EVERY line of a log file. But I can't see how to alert when a regex has not appeared in a log file over a period of time.

I could create a bash script which regex's the file for me, and writes out to a file which monit monitors, but would rather keep the solution within monit.

Any help would be appreciated.
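
The external-script fallback mentioned in the question above, as an added example that is not part of the original post: the function scans only the bytes appended since its last run and fails once the pattern has been absent longer than a threshold. The function name, the state-file format, the log lines and the `backup finished OK` pattern are all assumptions constructed for illustration.

```shell
#!/bin/sh
# Added example (not from the original post): heartbeat check for a log file.
# Exit status 0 = pattern seen recently enough, 1 = overdue.
# State file format (an assumption of this sketch):
#   "<bytes already scanned> <epoch of last match>"

check_heartbeat() {
    log=$1; pattern=$2; max_age=$3; state=$4
    now=${5:-$(date +%s)}        # 5th argument lets a test inject the clock
    offset=0; last=$now          # first run: the grace period starts now
    if [ -f "$state" ]; then read -r offset last < "$state"; fi
    size=$(($(wc -c < "$log")))
    # A smaller file than last time means rotation or truncation: rescan.
    if [ "$size" -lt "$offset" ]; then offset=0; fi
    # Scan only the bytes appended since the previous run. A line that is
    # still being written when the scan happens can be missed.
    if tail -c "+$((offset + 1))" "$log" | head -c "$((size - offset))" |
        grep -Eq -- "$pattern"; then
        last=$now
    fi
    printf '%s %s\n' "$size" "$last" > "$state"
    [ $((now - last)) -le "$max_age" ]
}

# Demo on a constructed log; timestamps are injected, nothing sleeps.
demo() {
    dir=$(mktemp -d); log=$dir/app.log; st=$dir/state; out=
    echo "constructed: backup finished OK" > "$log"
    for t in 1000 1200 1700; do
        if check_heartbeat "$log" 'backup finished OK' 600 "$st" "$t"
        then out="$out ok"; else out="$out overdue"; fi
        echo "constructed: unrelated line at $t" >> "$log"
    done
    echo "constructed: backup finished OK" >> "$log"
    if check_heartbeat "$log" 'backup finished OK' 600 "$st" 1800
    then out="$out ok"; else out="$out overdue"; fi
    rm -rf "$dir"
    echo "${out# }"
}

if [ "${1:-}" = "--demo" ]; then demo; fi
```

Monit can run a wrapper around such a function through a `check program` entry and alert on a non-zero exit status, which keeps the alerting itself inside monit.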
